US Patent Application 18449186. System, Method, and Computer Program Product for Network Anomaly Detection simplified abstract
Contents
System, Method, and Computer Program Product for Network Anomaly Detection
Organization Name
Visa International Service Association
Inventor(s)
Chiranjeet Chetia of Round Rock TX (US)
Jianhua Huang of Cedar Park TX (US)
Marc Corbalan Vila of London (GB)
Francisco Cardona Lema of London (GB)
Stuart Mark Williams of London (GB)
System, Method, and Computer Program Product for Network Anomaly Detection - A simplified explanation of the abstract
This abstract first appeared for US patent application 18449186 titled 'System, Method, and Computer Program Product for Network Anomaly Detection
Simplified Explanation
This patent application describes a system, method, and computer program for detecting network anomalies.
- The method involves analyzing event data from communications in a computer network to determine nested groups.
- The system generates display data that represents the event data in a graphical format, with nested graphical nodes.
- New event data from subsequent communications is received and a new graphical representation is generated.
- Anomalous graphical nodes are identified by comparing the size of the nodes in the new representation to the initial representation.
- The increase in size of a graphical node indicates an anomaly in the network.
- This technology helps in detecting and visualizing network anomalies for better network management and security.
Original Abstract Submitted
Provided are a system, method, and computer program product for network anomaly detection. The method includes determining a plurality of nested groups based on event data associated with a plurality of communications in a computer network. The method also includes generating display data configured to cause a display of a computing device to show a first graphical representation of the event data including a plurality of nested graphical nodes. The method further includes receiving new event data associated with a plurality of new communications in the computer network in a subsequent time period and generating new display data configured to cause the display to show a new graphical representation of the new event data. The method further includes determining an anomalous graphical node based at least partly on a size of the anomalous graphical node being increased in the new graphical representation relative to the first graphical representation.